CDN$ 26.45
  • List Price: CDN$ 41.99
  • You Save: CDN$ 15.54 (37%)
Usually ships within 4 to 6 weeks.
Ships from and sold by Amazon.ca.
Gift-wrap available.
Quantity:1
Add to Cart
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Intrusion Signatures and Analysis Paperback – Jan 19 2001


Amazon Price New from Used from
Paperback
"Please retry"
CDN$ 26.45
CDN$ 9.61 CDN$ 1.72

Join Amazon Student in Canada


NO_CONTENT_IN_FEATURE

Product Details

  • Paperback: 448 pages
  • Publisher: Sams Publishing; 1 edition (Jan. 19 2001)
  • Language: English
  • ISBN-10: 0735710635
  • ISBN-13: 978-0735710634
  • Product Dimensions: 2.3 x 17.3 x 22.3 cm
  • Shipping Weight: 703 g
  • Average Customer Review: 4.2 out of 5 stars  See all reviews (8 customer reviews)
  • Amazon Bestsellers Rank: #2,395,128 in Books (See Top 100 in Books)
  • See Complete Table of Contents


Inside This Book (Learn More)
First Sentence
DID YOU EVER WATCH THE OLD cowboy-and-Indian movies on Saturday afternoon television when you were growing up? Read the first page
Explore More
Concordance
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Customer Reviews

4.2 out of 5 stars
Share your thoughts with other customers

Most helpful customer reviews

Format: Paperback
This is the best book about Intrusion Signatures published yet.
I teach computer security at a local university, and with the only help of this book, I could take care of all the practical aspects of my last course. If you have already a good background on this field, and read and understand thoroughly the book, then you can afford any related security certification test.
Chapters 3 through 17, present several well documented cases, which, in turn, are discussed following the same standard:
- Presentation
- Source of Trace
- Detect Generated by
- Probability the Source Address Was spoofed
- Attack Description
- Attack Mechanism
- Correlations
- Evidence of Active Targeting
- Severity
- Defense Recommendations
- Questions
Chapter 1 introduces the reader to Analysis of Logs (including Snort, Tcpdump, and Syslog), IDS, and Firewalls. Even being a quick review, it is quite useful, though.
Chapter 2 explains the way the cases are studied.
The covered vulnerabilities and attacks include:
- Internet Security Threats
- Routers and Firewalls Attacks
- IP Spoofing
- Networks Mapping and Scanning
- Denial of Service
- Trojans
- Assorted Exploits
- Buffer Overflows
- IP Fragmentation
- False Positives
- Crafted Packets
At the bottom line, this is one of the 5 best computer security books I ever read. Even for non experts, the book can be a valuable tool to improve the understanding on this field.
Try it.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Paperback
I read this book out of general interest and a need to dig deeper into the technical aspects of security, and intrusion detection in particular. For that, this title is perfect!
It's great to learn intrusion detection, packet analysis, forensics, attack methodologies, attack recognition, and similar topics. And oh, by the way, if you have any interest at all in certification, Intrusion Signatures and Analysis is the study guide for one of the hottest new certs there is: SANS GIAC Intrusion Detection In Depth.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Paperback
A must-have for the serious network security professional, Intrusion Signatures And Analysis opens with an introduction into the format of some of the more common sensors and then begins a tutorial into the unique format of the signatures and analyses used in the book. Readers will find page after page of signatures, in order by categories as well as a case study section on how attacks have shut down the networks and web sites of Yahoo, and E-bay and what those attacks looked like. As an added feature, the collaborative authors Stephen Northcutt; Mark Cooper; Matt Fearnow; and Karen Frederick included review questions with throughout the book to help readers be sure they comprehend the traces and material that has been covered. Intrusion Signatures And Analysis is a recommended resource for the SANS Institute GIAC certification program. 448 pp.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Paperback
This is the second release from some of the key SANS GIAC folk and is a fine addition as it extends on the data from "Network Intrusion Detection : An Analysts Handbook", to give intrusion detection practitioners some interesting detects from the GIAC graduates.
Included in these detects are some of the more unique pieces of analysis that have been performed at GIAC, with detailed write-ups of the analysis process and the logic applied in defining the conditions in which the events occured.
Once again, this is easy and interesting reading which will appeal to intrusion analyists of all levels. Further, this book gives neophytes a real sense of what can be monitered and how important intrusion detection is in security layering.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.


Feedback